supernets/hardlounge
supernets/hardlounge
4
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Don't check for existing password emptyness

Browse Source 
Pointed out by @PugaBear, it's possible for a user to have an empty password. There isn't really a need to check for password emptyness, it will simply fail with wrong old password instead.
This commit is contained in:
Maxime Poulin 2016-05-10 18:00:07 -04:00
parent 973fa0f4b2
commit 0b6d13d22d
No known key found for this signature in database
GPG Key ID: CB63C36252F40D4B
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/server.js
View File

@ -137,12 +137,6 @@ function init(socket, client, token) {
var old = data.old_password;
var p1 = data.new_password;
var p2 = data.verify_password;
if (typeof old === "undefined" || old === "") {
socket.emit("change-password", {
error: "Please enter your current password"
});
return;
}
if (typeof p1 === "undefined" || p1 === "") {
socket.emit("change-password", {
error: "Please enter a new password"